Community
PhishingTEPCO

TEPCO Mass Domain Registration

05/30/2024

200+ registrations in concert with financial or credential phishing

We see over 200+ billing-oriented TEPCO domains created in the last month with the same host. We suspect it’s a mass domain registration in concert with financial or credential phishing.

The domains and historical passive DNS records for the two IPs involved can be found in the GitHub link below. The pDNS may or may not include uninvolved domains, but many appear to be part of the same cluster or campaign.

If the community has any additional input, please let us know.

https://github.com/DomainTools/SecuritySnacks/tree/main/2024/TEPCO

Related Content

APT42Charming KittenCredentialsIranMint SandstormPhishingTA453
Fake Job Boards
Download Now
Binary DefenseCISAJeff FreeneJohn DwyerSalt Typhoon
Salt Typhoon - Research Brief
Download Now
AIDragosFBIGreyNoise LabsLABScon
What We're Reading, Week of 2024-10-14
Download Now